Merge pull request #65 from yylt/feat/all-ech #20
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Cloudflare Workers | |
| on: | |
| workflow_dispatch: | |
| push: | |
| tags: [ 'v*' ] | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-node@v6 | |
| - name: Install Rust toolchain | |
| uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: stable | |
| override: true | |
| - name: Install wrangler | |
| run: | | |
| npm install -g wrangler | |
| - name: Update environments | |
| env: | |
| CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| run: | | |
| # 检查Worker中是否存在指定的secret变量 | |
| set +e | |
| SECRET_LIST_OUTPUT=$(npx wrangler secret list 2>&1) | |
| set -e | |
| # 定义 secret 变量名称 | |
| SECRET_NAMES=("PASSWORD" "PREFIX" "PROXY_DOMAINS" "FORWARD_HOST") | |
| get_github_secret() { | |
| local secret_name="$1" | |
| case "$secret_name" in | |
| "PASSWORD") | |
| echo "${{ secrets.PASSWORD }}" | |
| ;; | |
| "PREFIX") | |
| echo "${{ secrets.PREFIX }}" | |
| ;; | |
| "PROXY_DOMAINS") | |
| echo "${{ secrets.PROXY_DOMAINS }}" | |
| ;; | |
| "FORWARD_HOST") | |
| echo "${{ secrets.FORWARD_HOST }}" | |
| ;; | |
| *) | |
| echo "" | |
| ;; | |
| esac | |
| } | |
| for SECRET_NAME in "${SECRET_NAMES[@]}"; do | |
| echo "--- 处理 ${SECRET_NAME} ---" | |
| if echo "$SECRET_LIST_OUTPUT" | grep -q "$SECRET_NAME"; then | |
| echo "✅ Worker中已存在${SECRET_NAME}, 跳过更新" | |
| continue | |
| fi | |
| GITHUB_VALUE=$(get_github_secret "$SECRET_NAME") | |
| if [[ -n "$GITHUB_VALUE" ]]; then | |
| set +e | |
| echo "正在设置${SECRET_NAME}..." | |
| SECRET_PUT_OUTPUT=$(echo "$GITHUB_VALUE" | npx wrangler secret put "$SECRET_NAME" 2>&1) | |
| SECRET_RESULT=$? | |
| set -e | |
| echo "Secret put 输出:" | |
| echo "$SECRET_PUT_OUTPUT" | grep -v "Please update to the latest version" | |
| if [ $SECRET_RESULT -ne 0 ]; then | |
| # 如果错误是由于密钥已存在导致的,视为成功 | |
| if echo "$SECRET_PUT_OUTPUT" | grep -q -E "(already in use|already exists|conflict)"; then | |
| echo "⚠️ ${SECRET_NAME}已存在于Worker中但未被列表命令检测到,继续执行" | |
| else | |
| # 最后再检查一次是否因为密钥已存在但未被正确检测 | |
| set +e | |
| FINAL_CHECK=$(npx wrangler secret list 2>&1) | |
| set -e | |
| if echo "$FINAL_CHECK" | grep -q "$SECRET_NAME"; then | |
| echo "虽然设置${SECRET_NAME}失败,但密钥似乎已存在于Worker中,继续执行" | |
| else | |
| echo "❌ 设置${SECRET_NAME}失败,且密钥确实不存在,退出部署" | |
| echo "详细错误信息: $SECRET_PUT_OUTPUT" | |
| exit 1 | |
| fi | |
| fi | |
| else | |
| echo "✅ ${SECRET_NAME} 已成功创建(作为secret变量)" | |
| fi | |
| else | |
| echo "!!! 未找到GitHub中配置的${SECRET_NAME}值,忽略" | |
| fi | |
| done | |
| - name: Deploy to Cloudflare Workers | |
| env: | |
| CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| run: | | |
| npx wrangler deploy 2>&1 | sed -E 's/https:\/\/[a-zA-Z0-9.-]*\.(workers|pages)\.dev/https:\/\/[REDACTED].\1.dev/g' | |
| - name: Notify deployment status | |
| if: always() | |
| run: | | |
| if [ "${{ job.status }}" == "success" ]; then | |
| echo "🎉 成功部署!" | |
| else | |
| echo "❌ 部署失败!" | |
| fi | |